KR20100127807A - 보안 브라우저 기반 애플리케이션 - Google Patents

보안 브라우저 기반 애플리케이션 Download PDF

Info

Publication number
KR20100127807A
KR20100127807A KR1020107022030A KR20107022030A KR20100127807A KR 20100127807 A KR20100127807 A KR 20100127807A KR 1020107022030 A KR1020107022030 A KR 1020107022030A KR 20107022030 A KR20107022030 A KR 20107022030A KR 20100127807 A KR20100127807 A KR 20100127807A
Authority
KR
South Korea
Prior art keywords
component
task
computer
user
code
Prior art date
Application number
KR1020107022030A
Other languages
English (en)
Korean (ko)
Inventor
로이드 티. 힐라이엘
데이비드 비. 그리그스비
고르돈 더랜드
스티븐 이. 스펜서
Original Assignee
야후! 인크.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 야후! 인크. filed Critical 야후! 인크.
Publication of KR20100127807A publication Critical patent/KR20100127807A/ko

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30Arrangements for executing machine instructions, e.g. instruction decode
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)
KR1020107022030A 2008-03-02 2009-02-23 보안 브라우저 기반 애플리케이션 KR20100127807A (ko)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US6787208P 2008-03-02 2008-03-02
US61/067,872 2008-03-02
US12/350,177 US8635701B2 (en) 2008-03-02 2009-01-07 Secure browser-based applications
US12/350,177 2009-01-07

Related Child Applications (1)

Application Number Title Priority Date Filing Date
KR1020127031925A Division KR101384085B1 (ko) 2008-03-02 2009-02-23 보안 브라우저 기반 애플리케이션

Publications (1)

Publication Number Publication Date
KR20100127807A true KR20100127807A (ko) 2010-12-06

Family

ID=41014269

Family Applications (2)

Application Number Title Priority Date Filing Date
KR1020107022030A KR20100127807A (ko) 2008-03-02 2009-02-23 보안 브라우저 기반 애플리케이션
KR1020127031925A KR101384085B1 (ko) 2008-03-02 2009-02-23 보안 브라우저 기반 애플리케이션

Family Applications After (1)

Application Number Title Priority Date Filing Date
KR1020127031925A KR101384085B1 (ko) 2008-03-02 2009-02-23 보안 브라우저 기반 애플리케이션

Country Status (10)

Country Link
US (1) US8635701B2 (ja)
EP (1) EP2250577A4 (ja)
JP (2) JP5296106B2 (ja)
KR (2) KR20100127807A (ja)
CN (1) CN101960446B (ja)
AU (1) AU2009220439B2 (ja)
HK (1) HK1153011A1 (ja)
SG (1) SG188169A1 (ja)
TW (1) TWI420338B (ja)
WO (1) WO2009111195A2 (ja)

Families Citing this family (73)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8294723B2 (en) 2008-11-07 2012-10-23 Google Inc. Hardware-accelerated graphics for web applications using native code modules
EP2387765B1 (en) * 2009-01-19 2018-05-23 Koninklijke Philips N.V. Browser with dual scripting engine for privacy protection
US20100192193A1 (en) * 2009-01-23 2010-07-29 Microsoft Corporation Security restriction techniques for browser-based applications
US8966374B1 (en) * 2009-03-30 2015-02-24 Glance Networks, Inc. Method and apparatus for enabling participants to assume control over a presentation in a remote viewing session
US8797337B1 (en) 2009-07-02 2014-08-05 Google Inc. Graphics scenegraph rendering for web applications using native code modules
US8706801B2 (en) * 2009-07-20 2014-04-22 Facebook, Inc. Rendering a web page using content communicated to a browser application from a process running on a client
CN102025761B (zh) * 2009-09-21 2013-07-17 腾讯科技(深圳)有限公司 实现Web装置与Flash装置协同工作的方法与系统
US8990698B2 (en) * 2009-09-23 2015-03-24 Microsoft Technology Licensing, Llc Social network service synchronization
US9137319B2 (en) * 2009-11-13 2015-09-15 Adobe Systems Incorporated Browser privacy mode support
CN102081709B (zh) * 2009-12-01 2017-05-24 联想(北京)有限公司 一种浏览器插件的禁用方法、装置和终端
CN101854359B (zh) * 2010-05-19 2012-10-31 南京联创科技集团股份有限公司 基于虚拟化计算的权限控制方法
US20110307831A1 (en) * 2010-06-10 2011-12-15 Microsoft Corporation User-Controlled Application Access to Resources
US20120030760A1 (en) * 2010-08-02 2012-02-02 Long Lu Method and apparatus for combating web-based surreptitious binary installations
US9294479B1 (en) * 2010-12-01 2016-03-22 Google Inc. Client-side authentication
US8689235B2 (en) 2011-01-18 2014-04-01 Gbc Industries System and method for enabling interaction between a cloud application and a local application
US9037637B2 (en) 2011-02-15 2015-05-19 J.D. Power And Associates Dual blind method and system for attributing activity to a user
CN102111417A (zh) * 2011-03-01 2011-06-29 中国工商银行股份有限公司 网上银行数据的认证方法、装置、服务器及系统
CN102682014A (zh) * 2011-03-14 2012-09-19 腾讯科技(深圳)有限公司 在浏览器上实现的开放式插件管理平台及插件管理方法
US9141360B1 (en) 2011-03-16 2015-09-22 Google Inc. Web application module translation service
US9210209B2 (en) * 2011-05-03 2015-12-08 Google Inc. Extensible browser plugin interface
US8646100B2 (en) * 2011-06-03 2014-02-04 Apple Inc. Method for executing an application in a restricted operating environment
JP5820258B2 (ja) * 2011-06-09 2015-11-24 キヤノン株式会社 管理装置、管理方法、およびプログラム
US9147199B2 (en) * 2011-06-17 2015-09-29 Google Inc. Advertisements in view
JP2013065114A (ja) 2011-09-15 2013-04-11 Fujitsu Ltd 情報処理システムの制御方法、中継装置の制御プログラム及びクライアント装置の制御プログラム
US9106650B2 (en) 2011-11-09 2015-08-11 Microsoft Technology Licensing, Llc User-driven access control
CN102436508B (zh) * 2011-12-28 2013-08-14 奇智软件(北京)有限公司 基于沙箱技术浏览网页的方法及装置
US8935755B1 (en) * 2012-02-06 2015-01-13 Google Inc. Managing permissions and capabilities of web applications and browser extensions based on install location
US9767259B2 (en) * 2012-05-07 2017-09-19 Google Inc. Detection of unauthorized content in live multiuser composite streams
US9407443B2 (en) 2012-06-05 2016-08-02 Lookout, Inc. Component analysis of software applications on computing devices
US10592978B1 (en) * 2012-06-29 2020-03-17 EMC IP Holding Company LLC Methods and apparatus for risk-based authentication between two servers on behalf of a user
CN103593370B (zh) * 2012-08-16 2017-08-22 腾讯科技(深圳)有限公司 在浏览器中实现扩展应用的方法及浏览器
US9563424B2 (en) * 2012-08-17 2017-02-07 Google Inc. Native code instruction selection
US9213827B2 (en) 2012-09-27 2015-12-15 Intel Corporation Security data aggregation and business intelligence for web applications
CN103002019B (zh) * 2012-11-14 2016-01-13 北京奇虎科技有限公司 浏览器及浏览器发送页游消息的方法
US9420031B2 (en) * 2013-01-15 2016-08-16 Microsoft Technology Licensing, Llc Systems and methods for building and using hybrid mobile applications
CN104036160B (zh) * 2013-03-07 2019-03-15 腾讯科技(深圳)有限公司 一种网页浏览方法、装置及浏览器
US20140337424A1 (en) * 2013-05-10 2014-11-13 Apple Inc. Authorizing Push Notifications for Websites
CN104253805B (zh) * 2013-06-28 2018-07-06 腾讯科技(深圳)有限公司 一种浏览器的数据保护方法及浏览器
JP2015075902A (ja) * 2013-10-08 2015-04-20 キヤノン株式会社 画像形成装置、その制御方法とプログラム
CN103761114B (zh) * 2013-10-18 2017-10-17 北京奇虎科技有限公司 一种浏览器侧加载扩展和/或插件的方法及装置
JP6352140B2 (ja) 2013-10-22 2018-07-04 キヤノン電子株式会社 ウェブシステム、サーバ切替装置、サーバ切替方法およびプログラム
GB2514716A (en) * 2013-10-25 2014-12-03 Univ Stellenbosch System and method for monitoring third party access to a restricted item
JP6240987B2 (ja) * 2013-12-03 2017-12-06 本田技研工業株式会社 携帯電子機器連携システム、車載表示装置、および連携用プログラム
US9710566B2 (en) * 2013-12-16 2017-07-18 Google Inc. User interface for webpage permission requests
US10104081B2 (en) * 2013-12-19 2018-10-16 Google Llc Privileged static hosted web applications
KR102198751B1 (ko) * 2014-01-06 2021-01-05 십일번가 주식회사 모바일 결제 처리 시스템 및 그 방법, 그리고 이에 적용되는 장치
CN103745156B (zh) * 2014-01-07 2017-05-03 北京奇虎科技有限公司 一种在搜索引擎中提示风险信息的方法和装置
CN104601639A (zh) * 2014-03-13 2015-05-06 腾讯科技(深圳)有限公司 网页应用消息推送方法、客户端、服务器及系统
JP6424440B2 (ja) * 2014-03-14 2018-11-21 株式会社リコー 情報処理装置、機器、情報処理システム、情報処理方法及び表示制御プログラム
CN104077179B (zh) * 2014-06-16 2017-06-06 武汉理工大学 一种面向Web浏览器的本地API调用方法
KR102086731B1 (ko) * 2014-06-25 2020-04-14 에스케이플래닛 주식회사 클라우드 스트리밍 서비스 제공 방법, 이를 위한 장치 및 시스템, 그리고 이를 위한 클라우드 스트리밍용 스크립트 코드를 기록한 컴퓨터 판독 가능한 기록매체
CN104123353B (zh) * 2014-07-14 2017-11-28 可牛网络技术(北京)有限公司 一种提高浏览器安全性的方法及系统
CN105471824A (zh) * 2014-09-03 2016-04-06 阿里巴巴集团控股有限公司 实现浏览器调用本地业务组件的方法、装置及系统
US20160119147A1 (en) * 2014-10-24 2016-04-28 Mohammed Mustafa Saidalavi Method and System of Online Content Review, Authentication, and Certification
JP2016119029A (ja) * 2014-12-24 2016-06-30 株式会社リコー 情報処理装置、機器、情報処理システム、情報処理方法、プログラム、及びインストール方法
CN107851130A (zh) * 2015-07-07 2018-03-27 简单保有限责任公司 用于在网页上识别和呈现相关联的物品的集成插件
GB201522315D0 (en) * 2015-12-17 2016-02-03 Irdeto Bv Securing webpages, webapps and applications
US9954894B2 (en) 2016-03-04 2018-04-24 Microsoft Technology Licensing, Llc Webpage security
US10728274B2 (en) * 2016-09-22 2020-07-28 Check Point Software Technologies Ltd. Method and system for injecting javascript into a web page
US10362049B2 (en) * 2016-10-12 2019-07-23 International Business Machines Corporation Security-risk plugin to help targeted users interact with web pages and applications
US10681105B2 (en) 2016-12-30 2020-06-09 Facebook, Inc. Decision engine for dynamically selecting media streams
US10218697B2 (en) * 2017-06-09 2019-02-26 Lookout, Inc. Use of device risk evaluation to manage access to services
US10496810B2 (en) * 2017-09-26 2019-12-03 Google Llc Methods and systems of performing preemptive generation of second factor authentication
GB201805429D0 (en) * 2018-04-03 2018-05-16 Palantir Technologies Inc Security system and method
US10931675B2 (en) * 2018-04-10 2021-02-23 Microsoft Technology Licensing, Llc Local API access authorization
US10866845B2 (en) * 2018-05-16 2020-12-15 Microsoft Technology Licensing, Llc Exposing native OS APIS in a web browser
RU2728505C1 (ru) * 2019-02-07 2020-07-29 Акционерное общество "Лаборатория Касперского" Система и способ обеспечения информационной безопасности на основании антропной защиты
TWI776215B (zh) * 2020-08-24 2022-09-01 奇蹟行動科技有限公司 產生使用者介面的描述碼之方法、系統及非暫態電腦可讀取儲存媒體
US20220191177A1 (en) * 2020-12-10 2022-06-16 Kalibro Technologies Ltd. System and method for securing messages
CN112612515B (zh) * 2021-03-05 2021-05-25 四川数康致远医疗信息技术有限公司 医疗健康物联网产品标准化与应用场景展示方法和系统
US20220311776A1 (en) * 2021-03-25 2022-09-29 International Business Machines Corporation Injecting risk assessment in user authentication
CN113836097A (zh) * 2021-09-29 2021-12-24 上海掌门科技有限公司 本地文件的安全保护方法和设备
US20230214235A1 (en) * 2022-01-04 2023-07-06 Citrix Systems, Inc. Control over application plugins

Family Cites Families (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6154844A (en) * 1996-11-08 2000-11-28 Finjan Software, Ltd. System and method for attaching a downloadable security profile to a downloadable
US6968539B1 (en) 1999-09-30 2005-11-22 International Business Machines Corporation Methods and apparatus for a web application processing system
EP1113361A1 (en) * 2000-01-03 2001-07-04 Wimba.Com S.A. Process of communication between an applet and a local agent using a socket communication channel
US7233942B2 (en) * 2000-10-10 2007-06-19 Truelocal Inc. Method and apparatus for providing geographically authenticated electronic documents
US7801944B2 (en) * 2001-05-18 2010-09-21 Gary Stephen Shuster Distributed computing using agent embedded in content unrelated to agents processing function
EP1265143A1 (en) * 2001-06-08 2002-12-11 Hewlett-Packard Company, A Delaware Corporation Data processing system and method
US20030145316A1 (en) * 2002-01-25 2003-07-31 Mckinlay Eric System, method and computer program product for initiating a software download
US20040083474A1 (en) 2001-10-18 2004-04-29 Mckinlay Eric System, method and computer program product for initiating a software download
EP1315066A1 (en) * 2001-11-21 2003-05-28 BRITISH TELECOMMUNICATIONS public limited company Computer security system
US7287277B2 (en) * 2001-12-21 2007-10-23 Hewlett-Packard Development Company, L.P. Method and apparatus for controlling execution of a computer operation
US20030233483A1 (en) * 2002-04-23 2003-12-18 Secure Resolutions, Inc. Executing software in a network environment
JP2003337630A (ja) 2002-05-17 2003-11-28 Ntt Docomo Inc 通信端末、プログラム、記録媒体、通信端末のアクセス制御方法およびコンテンツの提供方法
JP2003337716A (ja) 2002-05-20 2003-11-28 Ntt Docomo Inc 電子機器、データ共用方法、プログラム及び記憶媒体
JP2004070716A (ja) 2002-08-07 2004-03-04 Sharp Corp コンテンツ提示方法、コンテンツ提示プログラム、コンテンツ提示装置、および該プログラムを記録する記録媒体
US7509679B2 (en) 2002-08-30 2009-03-24 Symantec Corporation Method, system and computer program product for security in a global computer network transaction
US7434259B2 (en) * 2002-10-21 2008-10-07 Microsoft Corporation Method for prompting a user to install and execute an unauthenticated computer application
US20040103309A1 (en) * 2002-11-27 2004-05-27 Tracy Richard P. Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing threat vulnerability feed
US8042178B1 (en) * 2003-03-13 2011-10-18 Mcafee, Inc. Alert message control of security mechanisms in data processing systems
US7490332B2 (en) * 2003-04-04 2009-02-10 Sesma Systems, Inc. System and method for accessing ActiveX objects in a platform dependent environment from objects in a platform independent environment
US7478408B2 (en) * 2003-04-04 2009-01-13 Sesma Systems, Inc. System and method for accessing objects in a platform dependent environment from a platform independent environment
US8880893B2 (en) * 2003-09-26 2014-11-04 Ibm International Group B.V. Enterprise information asset protection through insider attack specification, monitoring and mitigation
JP2005104098A (ja) * 2003-10-02 2005-04-21 Ricoh Co Ltd 画像形成装置
US20050138416A1 (en) 2003-12-19 2005-06-23 Microsoft Corporation Object model for managing firewall services
US8332943B2 (en) * 2004-02-17 2012-12-11 Microsoft Corporation Tiered object-related trust decisions
US8108902B2 (en) 2004-04-30 2012-01-31 Microsoft Corporation System and method for local machine zone lockdown with relation to a network browser
US20050268112A1 (en) * 2004-05-28 2005-12-01 Microsoft Corporation Managing spyware and unwanted software through auto-start extensibility points
CN100385852C (zh) * 2004-06-22 2008-04-30 腾讯科技(深圳)有限公司 一种网页插件选择下载的实现方法及其装置
US20060156400A1 (en) * 2005-01-06 2006-07-13 Gbs Laboratories Llc System and method for preventing unauthorized access to computer devices
KR20060082353A (ko) 2005-01-12 2006-07-18 와이더댄 주식회사 실행가능 웹 컨텐트 제공 및 처리 시스템 및 방법
US7610273B2 (en) 2005-03-22 2009-10-27 Microsoft Corporation Application identity and rating service
US8078740B2 (en) * 2005-06-03 2011-12-13 Microsoft Corporation Running internet applications with low rights
US8074272B2 (en) * 2005-07-07 2011-12-06 Microsoft Corporation Browser security notification
US7774846B2 (en) * 2005-08-10 2010-08-10 Intel Corporation Method and apparatus for controlling data propagation
WO2007023756A1 (ja) * 2005-08-24 2007-03-01 Nec Corporation 本人認証システム、ユーザ端末、サービス事業者装置、信頼性保証サーバ、これらの動作方法と動作プログラム
JP2009510598A (ja) * 2005-09-27 2009-03-12 サーカー ピーティーイー リミテッド コミュニケーション及びコラボレーションのためのシステム
US7743336B2 (en) * 2005-10-27 2010-06-22 Apple Inc. Widget security
JP2008027306A (ja) * 2006-07-24 2008-02-07 Aplix Corp ユーザ空間仮想化システム
US7797421B1 (en) * 2006-12-15 2010-09-14 Amazon Technologies, Inc. Method and system for determining and notifying users of undesirable network content
US8181264B2 (en) * 2007-02-07 2012-05-15 Apple Inc. Method and apparatus for deferred security analysis

Also Published As

Publication number Publication date
TWI420338B (zh) 2013-12-21
SG188169A1 (en) 2013-03-28
CN101960446A (zh) 2011-01-26
US8635701B2 (en) 2014-01-21
JP5296106B2 (ja) 2013-09-25
EP2250577A2 (en) 2010-11-17
HK1153011A1 (en) 2012-03-16
JP2011514996A (ja) 2011-05-12
JP5592969B2 (ja) 2014-09-17
KR20130008634A (ko) 2013-01-22
AU2009220439A1 (en) 2009-09-11
TW200945096A (en) 2009-11-01
WO2009111195A3 (en) 2009-10-29
AU2009220439B2 (en) 2012-09-13
US20090222925A1 (en) 2009-09-03
JP2013140634A (ja) 2013-07-18
EP2250577A4 (en) 2012-02-29
CN101960446B (zh) 2014-08-13
WO2009111195A2 (en) 2009-09-11
KR101384085B1 (ko) 2014-04-17

Similar Documents

Publication Publication Date Title
KR101384085B1 (ko) 보안 브라우저 기반 애플리케이션
US10503564B2 (en) Method and apparatus for handling security of an application and its extension
US10447684B2 (en) Hosted application sandbox model
US9753742B2 (en) Web-based interface to access a function of a basic input/output system
US9390241B2 (en) Method for executing an application in a restricted operating environment
JP5998284B2 (ja) エンタプライズシステムへのアプリケーションの動的登録
WO2015183456A1 (en) Consistent extension points to allow an extension to extend functionality of an application to another application
US11924210B2 (en) Protected resource authorization using autogenerated aliases
US12026244B2 (en) Registration of dynamically created packaged applications
JP2022099241A (ja) ハードウェアの信頼できる実行環境の待ち時間の低減
Mayank et al. User-Based Authentication for Native Applications
Pirnau The analysis of the. NET architecture security system
Chaganti et al. Using Built-in DSC Resources
Radvan Fedora 13 Managing Confined Services

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
AMND Amendment
E601 Decision to refuse application
AMND Amendment
J201 Request for trial against refusal decision
A107 Divisional application of patent
B601 Maintenance of original decision after re-examination before a trial
J121 Written withdrawal of request for trial
WITB Written withdrawal of application